SUSE CVE-2012-4528

The modsecurity2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data...

openSUSE Security Update : apache2-mod_security2 (openSUSE-SU-2013:1331-1)

complete overhaul of this package, with update to 2.7.5. - ruleset update to 2.2.8-0-g0f07cbb. - new configuration framework private to modsecurity2: /etc/apache2/conf.d/modsecurity2.conf loads /usr/share/apache2-modsecurity2/rules/modsecuritycrs1 0setup.conf, then...

Fedora Update for mod_security FEDORA-2013-9518

Check for the Version of modsecurity OpenVAS Vulnerability Test Fedora Update for modsecurity FEDORA-2013-9518 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Mandriva Linux Security Advisory : apache-mod_security (MDVSA-2013:029)

A vulnerability has been discovered and corrected in apache-modsecurity : ModSecurity = 2.6.8 is vulnerable to multipart/invalid part ruleset bypass, this was fixed in 2.7.0 released on2012-10-16 CVE-2012-4528. The updated packages have been patched to correct this issue. NOTE: This advisory was...

Fedora Update for mod_security FEDORA-2013-4834

Check for the Version of modsecurity OpenVAS Vulnerability Test Fedora Update for modsecurity FEDORA-2013-4834 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

DEBIAN-CVE-2012-4528

The modsecurity2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data...

UBUNTU-CVE-2012-4528

The modsecurity2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data...

CVE-2012-4528

CVE-2012-4528 applies to the mod_security2 module for Apache HTTP Server, before version 2.7.0. The issue arises in multipart request handling where an invalid part precedes crafted data, allowing remote attackers to bypass rules and deliver arbitrary POST data to a PHP application. Impact is a r...

Mandriva Update for apache-mod_security MDVSA-2012:182 (apache-mod_security)

Check for the Version of apache-modsecurity OpenVAS Vulnerability Test Mandriva Update for apache-modsecurity MDVSA-2012:182 apache-modsecurity Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Mandriva Linux Security Advisory : apache-mod_security (MDVSA-2012:182)

Multiple vulnerabilities has been discovered and corrected in apache-modsecurity : ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data...

Fedora Update for mod_security_crs FEDORA-2012-18315

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for mod_security FEDORA-2012-18315

Check for the Version of modsecurity OpenVAS Vulnerability Test Fedora Update for modsecurity FEDORA-2012-18315 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

Fedora Update for mod_security_crs FEDORA-2012-18315

Check for the Version of modsecuritycrs OpenVAS Vulnerability Test Fedora Update for modsecuritycrs FEDORA-2012-18315 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

Fedora 17 : mod_security-2.7.1-3.fc17 / mod_security_crs-2.2.6-3.fc17 (2012-18315)

Update to 2.7.1 - Update Core rules set to 2.2.6 - Fix build against libxml2 = 2.9 upstreamed - Add some missing directives RHBZ 569360 - Fix multipart/invalid part ruleset bypass issue CVE-2012-4528 RHBZ 867424, 867773, 867774 Note that Tenable Network Security has extracted the preceding...

Fedora 18 : mod_security-2.7.1-3.fc18 / mod_security_crs-2.2.6-3.fc18 (2012-18278)

Update to 2.7.1 - Update Core rules set to 2.2.6 - Fix build against libxml2 = 2.9 upstreamed - Add some missing directives RHBZ 569360 - Fix multipart/invalid part ruleset bypass issue CVE-2012-4528 RHBZ 867424, 867773, 867774 Note that Tenable Network Security has extracted the preceding...

CVE-2012-4528

creationtimestamp| type| source ---|---|--- 2012-10-17 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37949...